Senior Security Engineer - Application & Platform Security

At ClickUp, we’re not just developing software; we’re pioneering the future of work! In an era inundated with work distractions, we envisioned a better approach. This vision led to the creation of the first genuinely unified AI workspace, seamlessly integrating tasks, documents, chat, calendar, and enterprise search, all enhanced by context-driven AI. This empowers millions of teams to break free from silos, reclaim their time, and achieve unprecedented productivity levels. At ClickUp, you will have the chance to learn, utilize, and innovate with AI in ways that will not only shape our product but also the future of work itself. Join us and be part of a daring, innovative team that is redefining possibilities! ClickUp is a leading force across every G2 category we participate in and is poised for exponential growth! Our application is uniquely designed to cater to everyone from families to Fortune 500 enterprises.We are in search of a Senior Security Engineer specializing in Application Security for a newly established, engineering-centric security team. Our team collaborates with and integrates into existing engineering teams at ClickUp. We are dedicated to developing and disseminating technology that includes defensive security features, secure infrastructure, operational tools, security response capabilities, and comprehensive security guidelines.Your mission will be to cultivate a culture of security empowerment, enabling our product engineers to develop and launch secure offerings using Angular, Node.js, and PostgreSQL, all hosted on AWS.As a strategic partner, you will collaborate closely with various engineering teams to design, develop, and guide secure solutions. We are experiencing rapid growth and seek Security Engineers who are eager to embrace this challenge!The Role:Design and implement security features that safeguard the entire ClickUp platform.Conduct threat modeling, implementation reviews, and security testing; evaluate requirements and designs.Create tools to assist at all stages of security prevention, detection, and response across the full Software Development Life Cycle (SDLC) from code to deployment.Integrate with existing engineering and product teams, serving as a 'security player-coach'.Develop security automation for the ClickUp platform; design and establish secure-by-default infrastructure.

At Contrast Security, we are revolutionizing the way organizations secure their software in today’s fast-paced development landscape. Our cutting-edge Application Detection and Response (ADR) technology empowers teams to identify, halt, and address real threats instantaneously. If you are enthusiastic about creating intelligent, efficient, and impactful security solutions, you will thrive here.We are on the lookout for sharp thinkers, courageous innovators, and adept problem-solvers who excel at transforming intricate obstacles into groundbreaking solutions.We invite applications for the role of Senior Sales Engineer, who possesses substantial expertise in security. You will offer technical guidance throughout the sales process, leveraging your comprehensive knowledge of Application Security (AppSec), DevSecOps, consulting, IT, and sales. Your exceptional communication skills will help you effectively convey the value of Contrast Security’s offerings to both technical and non-technical stakeholders.As a Sales Engineer, you will be an essential bridge connecting Sales, Product Management, and Engineering teams. You will craft messaging for executives, collaborate daily with sales representatives, and liaise with engineers as necessary. Proficiency in Linux and Windows environments, along with command-line tools and OS services, is essential.In this pivotal role, you will contribute significantly to the growth of our company and team. During your first month, you will immerse yourself in the Contrast platform, mastering a revolutionary technology that enhances software development security. You will gain firsthand experience in DevSecOps and understand the implications of “Shifting Left” in Application Security. Within three months, you will engage directly with prospective clients, including Fortune 100 companies and technology leaders, demonstrating the benefits of continuous application security monitoring. As you advance, your expertise will be crucial in addressing complex technical challenges for potential clients.To succeed in this role, you must be skilled at analyzing prospective customer workflows, defining optimal outcomes, and assisting customers in realizing the value of the Contrast platform. A deep understanding of a DevOps-oriented Software Development Life Cycle (SDLC) is required, along with the ability to advocate for Contrast products to prospective clients. You will also participate in webinars, conferences, and contribute to blogs, drawing on your expertise in discovering customer needs, showcasing product capabilities, executing Proofs of Value (POVs), and leading discussions around Enterprise Architecture, which are critical for success in this position.

Role overview Webflow is hiring a Senior Application Security Engineer. This remote role is open to candidates in California (BC & ON only) and across the U.S. What you will do Work closely with teams across the company to spot, evaluate, and address security risks in Webflow’s applications. Develop and apply security best practices to strengthen application defenses. Help shape and advance Webflow’s overall security strategy.

Role overview Magic School seeks a Senior Security Engineer with a focus on Application and Cloud Security. This position plays a key role in shaping how the company protects both its cloud infrastructure and software systems. The engineer will guide ongoing security improvements and help embed safeguards directly into platforms and applications. What you will do Lead projects to strengthen security across cloud environments and applications Develop and improve security frameworks to align with company objectives Perform risk assessments to find and address vulnerabilities Create and maintain incident response plans to protect systems and data Advise teams on best practices for system integrity and safety Location This position is fully remote.

Join Arcadia as a Senior Security Engineer specializing in Application Security (AppSec). In this role, you will play a pivotal part in safeguarding our applications and infrastructure by implementing robust security measures and promoting security best practices throughout the development lifecycle. Your expertise will help identify vulnerabilities, devise effective remediation strategies, and enhance our overall security posture. Collaborate with cross-functional teams to ensure security is integrated into every phase of our software development processes.

Join Canary Technologies as a Senior Application Security Engineer and play a pivotal role in embedding security within our software development lifecycle. You will collaborate closely with development teams to ensure secure design becomes the standard practice. This position involves taking ownership of application security tooling and automation while working alongside Site Reliability Engineers (SREs), infrastructure, and data engineers to maintain a secure, scalable platform. Our engineering team operates fully remotely, allowing for flexibility and innovation in a fast-paced environment.

Why join usAt Brex, we are revolutionizing the way businesses manage their finances through our AI-powered spend platform. We empower organizations, ranging from startups to large enterprises, with integrated corporate cards, banking solutions, and global payment options, complemented by user-friendly software for travel and expenses. Our clientele includes industry leaders like DoorDash, Flexport, and Compass, all of whom benefit from our commitment to proactive spend control, cost reduction, and efficiency improvements worldwide.Joining our team means pushing your boundaries, questioning conventional wisdom, and collaborating with some of the brightest talents in the field. We are dedicated to cultivating a diverse workforce and fostering an inclusive culture where your potential is limited only by your imagination. We provide you with the necessary tools, resources, and support to elevate your career to new heights.Engineering at BrexAt Brex, engineering is about developing scalable systems with purpose and speed. Our diverse teams across Software, Data, Security, and IT function with high autonomy and deep collaboration. We tackle complex technical challenges, take full ownership of our results, and strive for excellence at every stage—from architecture to deployment. Here, engineering is considered a craft, and those who build can become leaders.What you’ll doAs a Senior Application Security Engineer, your primary responsibility will be identifying and responding to security vulnerabilities across the Brex platform. You will conduct code and design reviews, perform penetration testing, and manage vulnerability assessments. Additionally, you will create and maintain tools for static and dynamic testing of our platform while ensuring secure developer workflows. This role is part of our broader Financial Scale organization, requiring close collaboration with Security Operations, GRC, Product Security, Front End Platform, and IT Infrastructure teams.We seek candidates who possess a robust background in penetration testing and a proven track record in discovering vulnerabilities within intricate systems, alongside the ability to craft exploits that highlight business impact. This position is highly collaborative, providing the opportunity to work across all engineering teams at Brex. We value enthusiasm for engaging with diverse roles and backgrounds, as building a top-tier financial service necessitates top-tier security.Brex is at the forefront of the next generation of AI-driven financial services for dynamic, impactful companies, including Coinbase, Robinhood, and Anthropic. As we embark on integrating AI throughout our product suite, you will have the chance to influence and shape our initiatives significantly.

About Branch Branch helps workers gain financial independence by making it easier for companies to pay them quickly and by offering accessible, no-cost financial services. The team is committed to building inclusive and transparent products that improve the financial lives of working Americans. Ideas and initiative matter here. Employees are encouraged to share their thoughts, those ideas can shape products, culture, and the company’s direction. Branch values diverse perspectives and working styles, aiming to create an environment where everyone can thrive. Role Overview: Senior Application Security Engineer (Remote, US) Branch is hiring a Senior Application Security Engineer to help protect applications, networks, cloud infrastructure, and corporate devices. This role calls for broad security expertise and hands-on experience across multiple domains. The engineer will work closely with teams to build secure systems and processes that support Branch’s mission. What You Will Do Collaborate with Engineering to embed security into the Software Development Life Cycle (SDLC): implement secure design patterns, lead threat modeling, and deliver AppSec training for developers. Plan and conduct application security assessments, including static and dynamic analysis (SAST, DAST), software composition analysis (SCA), and manual code reviews for web, mobile, and API platforms. Strengthen API security for both internal and external services by improving authentication, authorization, rate limiting, and abuse prevention. Manage and improve the vulnerability management program: set prioritization frameworks, track SLAs, and coordinate remediation across teams. Champion software supply chain security, including generating SBOMs, analyzing dependency risks, and reviewing third-party components. Support Governance, Risk, and Compliance (GRC) with technical evaluations of third-party risks and vendor security assessments. Lead incident response efforts from initial detection through resolution and post-incident review. Develop and maintain security policies and procedures, ensuring alignment with industry standards and best practices. Location This position is remote within the United States.

At RegScale, we are redefining how organizations manage their security, risk, and compliance programs through our innovative continuous controls monitoring (CCM) platform. As we evolve from a startup to a robust enterprise-ready engineering organization, we are building a skilled team that will drive this transformation. In our mission to handle sensitive security and regulatory data for both enterprise and government clients, we prioritize security as a fundamental engineering principle embedded in our software development process. The Role We are seeking a highly autonomous and experienced Senior Application Security Engineer who excels in navigating complex engineering landscapes. As the lead application security expert at RegScale, you will identify security risks, develop comprehensive strategies to mitigate them, and drive initiatives from inception to measurable outcomes. You will operate independently without a dedicated team, influencing cross-functional engineering teams to enhance security practices. Your role will encompass collaboration with various engineering disciplines, including Core Engineering, Platform and AI, Compliance as Code, Quality Engineering, SRE, Infrastructure, and external security teams. Your success will be measured by your ability to foster security awareness among engineers and integrate security principles into the design, development, and deployment phases of our software. RegScale serves a diverse clientele, including enterprises and government agencies, adhering to regulatory frameworks such as FedRAMP, NIST, and CMMC. This position reports to the SRE and Infrastructure teams and requires not only deep technical security knowledge but also the influence and ownership mentality necessary to instill security as a shared value across engineering.

Join Upside:At Upside, we are on a mission to revolutionize brick-and-mortar commerce. Our advanced technology combines the nuances of online retail—profit measurement, attribution, and incrementality—to enhance the value for users on their daily purchases while simultaneously attracting new, profitable customers to brick-and-mortar businesses. Millions of users have benefited from earning 2 to 3 times more cashback than any competing product, and hundreds of thousands of physical businesses have realized tangible profits through our platform. Each year, billions in commerce are processed through Upside, returning value directly to our retail partners, the consumers they serve, and vital sustainability efforts.Your Impact:In this role, you will report to the Director of Information Security, collaborating closely with technology stakeholders. Utilize your expertise in secure coding practices and payment systems to identify and address application vulnerabilities. As an individual contributor, you will bring innovation to our AppSec team, strengthen our security posture, and empower our engineering teams to code securely.Innovate with AI to deliver robust security solutions that mitigate application vulnerabilities.Conduct security code tests (SAST, SCA) and work with engineers to resolve unsafe code.Develop threat models and collaborate with technology teams to document and assess risks.Advise leadership on security architecture, design, and best practices in application security.Train and enhance the skills of engineers in safe coding and vulnerability management techniques.Assist with penetration testing initiatives and manage bug bounty programs.Support the administration of AWS Control Tower and IAM provisioning.Engage with the security community to stay informed about trends and advancements.Qualifications:A minimum of 6 years of experience in application or product security, including reviewing Python code.Proven experience in innovating and implementing solutions for vulnerability management.In-depth knowledge of AWS security architecture, including Lambda and AWS Control Tower.Strong comprehension and application of AI technologies.A Bachelor's degree in Computer Science or Engineering is highly preferred.Outstanding interpersonal and customer service skills.

Why Join Brex?Brex is an innovative AI-driven spend management platform designed to empower businesses to manage expenses with confidence. We provide integrated corporate cards, banking solutions, and global payment options, alongside intuitive software for travel and expense management. From startups to large enterprises, clients like DoorDash, Flexport, and Compass leverage Brex to optimize spending, lower costs, and enhance efficiency worldwide.Joining Brex means embracing challenges, pushing boundaries, and collaborating with industry leaders. We are dedicated to fostering a diverse and inclusive culture where your potential is only limited by your aspirations. We equip you with the necessary tools, resources, and support to advance your career.Engineering at BrexOur engineering culture focuses on building scalable systems with intention and speed. Our teams, spanning Software, Data, Security, and IT, work with high autonomy and deep collaboration. We confront challenging technical problems, take ownership of outcomes, and strive for excellence across all levels—from architecture to deployment. Here, engineering is regarded as a craft, and builders evolve into leaders.Your RoleAs a Senior Application Security Engineer, you will be pivotal in identifying and addressing security vulnerabilities within the Brex platform. Your responsibilities will include conducting code and design reviews, penetration testing, and managing vulnerabilities. You will also develop and maintain tools for static and dynamic testing of the platform, ensuring secure developer workflows. You will collaborate closely with teams across Security Operations, GRC, Product Security, Front End Platform, and IT Infrastructure.We seek individuals with a robust background in penetration testing and a proven track record of uncovering vulnerabilities in complex systems. Your ability to craft exploits that highlight business risk will be essential. This role demands a collaborative spirit, as you will engage with various engineering teams throughout Brex. Your enthusiasm for diverse perspectives and needs is crucial as we build world-class financial services with top-tier security.Brex is at the forefront of AI-driven financial services for dynamic companies such as Coinbase, Robinhood, and Anthropic. As we integrate AI across our product suite, this role will have the chance to significantly influence our approach.

Join Contentful as an Application Security Engineer, where you will be instrumental in safeguarding our applications and services. You will work collaboratively with our development teams to implement security best practices and protect our customers' data.

Join Space Exploration Technologies Corp. (SpaceX) as a Senior Application Security Engineer, where you will play a crucial role in ensuring the security of our applications and software systems. You will work alongside our talented engineering teams to identify and mitigate security vulnerabilities, implement security best practices, and enhance our security posture in support of our mission to make space travel affordable and accessible.

K Health Careers seeks a Senior Application Security Engineer based in New York, NY. The focus of this role is to strengthen application security and protect user data and privacy across the organization. Key responsibilities Identify and analyze software vulnerabilities, then recommend practical solutions. Collaborate with developers and cross-functional teams to integrate security into every phase of the software development lifecycle. Conduct thorough security assessments and review both application code and system architecture. Advise teams on secure coding practices and support their adoption throughout the company. Lead projects focused on enhancing application security protocols and maintaining high standards. Collaboration and impact This position works closely with engineering and other stakeholders to embed security thinking into daily development. Sharing expertise, guiding teams, and shaping a strong security culture are central to the role.

About Our TeamAt OpenAI, security is a core pillar of our commitment to ensuring that artificial general intelligence is beneficial to all of humanity. Our Security team plays a crucial role in safeguarding OpenAI’s technology, personnel, and products. We focus on creating effective technical solutions while maintaining operational excellence. Our guiding principles include prioritizing impactful actions, empowering researchers, preparing for transformative technologies, and fostering a robust security culture.About the RoleAs a Security Engineer specializing in Application Security, you will be at the forefront of identifying and addressing security vulnerabilities within our software applications. Your expertise will be applied through building innovative security tools, conducting code reviews, performing penetration testing, and executing thorough security assessments.We are seeking proactive individuals who can collaborate closely with development teams to ensure the integration of secure coding practices throughout the software development lifecycle. Your role will also encompass providing security guidance to developers and stakeholders, thereby enhancing the overall security awareness across the organization.This position is ideally based in San Francisco, Seattle, or New York City, but remote work options will be considered. Our hybrid work model includes three days in-office each week, along with relocation assistance available for new hires.Key Responsibilities:Conduct Security Assessments: Regularly perform security assessments, code reviews, and penetration tests to uncover vulnerabilities in applications.Develop Security Tools: Design and implement security tools, frameworks, and methodologies to shield applications from potential threats.Collaborate with Development Teams: Partner with development teams to ensure best security practices are embedded in the software development lifecycle, including secure coding standards.Threat Modeling and Risk Management: Engage in threat modeling and risk assessments to identify potential risks early and formulate effective mitigation strategies.Manage Vulnerabilities: Track, analyze, and oversee vulnerabilities in applications, providing guidance and support for remediation efforts.Incident Response: Participate in incident response efforts as necessary, ensuring swift action is taken to mitigate security incidents.

Join our dynamic team at Contentful as an Application Security Engineer. In this critical role, you will be responsible for ensuring the security of our applications and services by implementing robust security practices and conducting thorough assessments. You will work closely with development teams to integrate security into the software development lifecycle, identifying vulnerabilities and providing solutions to mitigate risks.

About the TeamAt OpenAI, we are driven by a mission to ensure that artificial general intelligence is a force for good for all humanity. Our Security team plays a crucial role in safeguarding OpenAI's technology, personnel, and products. We pride ourselves on our technical expertise in building secure systems while maintaining an operational focus. Our core principles include prioritizing impactful security initiatives, empowering researchers, preparing for emerging transformative technologies, and fostering a strong security culture across the organization.About the RoleAs an Application Security Engineer, you will take the lead in identifying and mitigating security vulnerabilities within our software applications. Your responsibilities will include developing security tools, performing code reviews, conducting penetration tests, and executing thorough security assessments.We seek individuals who will collaborate closely with our development teams to embed secure coding practices throughout the software development lifecycle, proactively preventing potential security risks. You will also offer security guidance to developers and other stakeholders, thereby nurturing a culture of security awareness within our organization.This role is ideally based in Seattle, San Francisco, or New York City, but we are open to considering remote candidates. Our hybrid work model allows for three days in-office each week, and we provide relocation assistance for new hires.In this role, you will:Conduct Security Assessments: Regularly perform security assessments, code reviews, and penetration tests to uncover vulnerabilities in our applications and software.Develop and Implement Security Tools: Design and execute security tools, frameworks, and methodologies to safeguard applications from security threats.Collaborate with Development Teams: Partner with development teams to ensure security best practices are seamlessly integrated throughout the software development lifecycle (SDLC), including secure coding guidelines.Conduct Threat Modeling and Risk Assessment: Engage in threat modeling and risk assessments to proactively identify potential vulnerabilities and formulate effective mitigation strategies.Manage Vulnerabilities: Track, analyze, and address vulnerabilities within applications, offering guidance and support for remediation efforts.Lead Incident Response: Take charge in responding to security incidents, ensuring timely investigation and resolution of security breaches.

Join Contentful as a Security Engineer specializing in Application Security. In this pivotal role, you will help protect our applications and data from security threats while enhancing the overall security posture of our organization. You will collaborate with development teams to integrate security into the software development lifecycle, conduct security assessments, and implement best practices to safeguard our applications.

We are seeking a skilled Security Application Engineer to join our dynamic team at usm2. In this role, you will be responsible for developing and implementing security measures for our applications, ensuring the integrity and safety of our software systems. You will work closely with cross-functional teams to identify vulnerabilities and recommend effective solutions.